This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/7d66de-5f0c-4765-a0f6-67fbf2155e4e/1/3IMyxyNm6r93DqPE2aE52SXbIuI.roa File: 3IMyxyNm6r93DqPE2aE52SXbIuI.roa (raw, json) Hash identifier: QbQusr/PsSc9ZEq6dT5CeLnT4svv4+NWJleDs2gqqNo= Subject key identifier: DC:83:32:C7:23:66:EA:BF:77:0E:A3:C4:D9:A1:39:D9:25:DB:22:E2 Certificate issuer: /CN=607e5caff4f47b2b8dc81cc36c8e346662639898 Certificate serial: 019B7EA57BC669C53272A5683E4B01446240 Authority key identifier: 60:7E:5C:AF:F4:F4:7B:2B:8D:C8:1C:C3:6C:8E:34:66:62:63:98:98 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YH5cr_T0eyuNyBzDbI40ZmJjmJg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/7d66de-5f0c-4765-a0f6-67fbf2155e4e/1/3IMyxyNm6r93DqPE2aE52SXbIuI.roa Signing time: Fri 02 Jan 2026 12:18:52 +0000 ROA not before: Fri 02 Jan 2026 12:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211953 IP address blocks: 185.189.52.0/24 maxlen: 24 185.189.53.0/24 maxlen: 24 185.189.54.0/24 maxlen: 24 185.189.55.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/7d66de-5f0c-4765-a0f6-67fbf2155e4e/1/YH5cr_T0eyuNyBzDbI40ZmJjmJg.crl rsync://rpki.ripe.net/repository/DEFAULT/e2/7d66de-5f0c-4765-a0f6-67fbf2155e4e/1/YH5cr_T0eyuNyBzDbI40ZmJjmJg.mft rsync://rpki.ripe.net/repository/DEFAULT/YH5cr_T0eyuNyBzDbI40ZmJjmJg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:7b:c6:69:c5:32:72:a5:68:3e:4b:01:44:62:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=607e5caff4f47b2b8dc81cc36c8e346662639898 Validity Not Before: Jan 2 12:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dc8332c72366eabf770ea3c4d9a139d925db22e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:ad:ce:8b:7f:70:9c:9e:60:a7:f9:3d:6e:b1: 01:7b:1c:ef:09:7f:7f:c4:63:57:5b:c9:d4:17:bc: dd:7c:02:22:3f:a1:20:48:b5:e3:ac:4e:18:5b:99: 66:68:ba:78:1c:ef:61:9e:66:3c:80:97:21:4b:a9: 09:0e:55:69:56:0a:7b:79:11:5b:10:67:10:3f:0f: 7f:22:76:03:db:22:1f:8a:b8:35:9d:62:2a:f5:b6: 68:9e:c3:45:2d:12:2c:ca:dd:92:05:c7:4e:38:a9: 07:1b:9b:86:36:af:ac:5b:40:96:2f:31:82:62:07: e4:0f:f8:25:09:13:03:c4:e2:2e:11:42:1c:be:de: 8d:be:a4:61:a0:3a:a2:ee:ca:74:b5:52:b3:c6:23: 29:c4:0d:99:bf:05:36:76:47:2d:38:d4:fe:03:49: d9:da:19:06:d9:e7:c9:c5:80:b3:e9:b5:d8:7f:e2: e1:e3:60:0e:3b:6c:fd:69:4d:5d:d2:46:83:78:f8: 71:f9:b6:3c:f9:62:18:0a:9f:53:a6:45:39:45:c9: 93:39:07:90:59:8f:0b:58:36:bc:41:32:77:46:3f: 3a:03:30:94:43:02:a9:88:8b:a9:64:4e:cd:17:89: 14:52:e3:69:61:04:73:73:07:c5:29:3d:55:77:dc: c2:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:83:32:C7:23:66:EA:BF:77:0E:A3:C4:D9:A1:39:D9:25:DB:22:E2 X509v3 Authority Key Identifier: keyid:60:7E:5C:AF:F4:F4:7B:2B:8D:C8:1C:C3:6C:8E:34:66:62:63:98:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YH5cr_T0eyuNyBzDbI40ZmJjmJg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/7d66de-5f0c-4765-a0f6-67fbf2155e4e/1/3IMyxyNm6r93DqPE2aE52SXbIuI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/7d66de-5f0c-4765-a0f6-67fbf2155e4e/1/YH5cr_T0eyuNyBzDbI40ZmJjmJg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.189.52.0/22 Signature Algorithm: sha256WithRSAEncryption 54:07:b5:1e:20:9d:d9:84:4f:0b:06:a3:e4:39:82:17:89:04: 21:64:e7:aa:be:38:79:32:32:ab:67:3b:60:bb:e7:e5:ca:a2: cb:72:32:bf:b2:66:51:70:04:35:25:6a:da:34:59:1c:78:6b: 1f:13:8b:ba:f8:78:a7:b9:8e:fa:34:f5:e1:79:97:23:0d:1c: ba:da:36:15:94:df:3e:ba:dc:05:48:fb:89:90:79:6b:fb:73: 05:a1:cd:3c:9e:e0:60:f3:d6:4d:7b:15:fb:b1:a7:b3:b3:66: e1:7d:ca:6d:cb:79:6a:dc:38:6f:35:f9:c0:b7:7a:c0:66:86: 64:f8:4c:a5:30:12:75:8d:95:e3:44:37:3b:16:37:a6:ab:e6: 75:32:f8:7a:02:69:a6:21:f0:07:73:c8:5b:09:0b:0b:24:83: 23:06:dd:28:16:e7:4b:f8:21:7c:cd:d6:8a:fd:4f:f7:3f:21: 89:a3:63:4f:9e:46:9f:a5:4e:a9:3d:6d:f6:94:c0:c8:49:c6: cd:99:43:f6:b5:51:f2:0f:06:d1:8a:f0:a6:c9:bd:61:8b:fd: 81:e4:2f:5b:58:cd:4a:bb:8e:c9:85:5c:58:b7:d4:b0:0f:e1: 70:2e:80:af:a6:06:5f:16:e8:e7:f9:83:10:c5:71:45:e4:66: e8:f4:16:ab -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+pXvGacUycqVoPksBRGJAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwN2U1Y2FmZjRmNDdiMmI4ZGM4MWNjMzZjOGUzNDY2NjI2 Mzk4OTgwHhcNMjYwMTAyMTIxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYzgzMzJjNzIzNjZlYWJmNzcwZWEzYzRkOWExMzlkOTI1ZGIyMmUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApK3Oi39wnJ5gp/k9brEBexzvCX9/ xGNXW8nUF7zdfAIiP6EgSLXjrE4YW5lmaLp4HO9hnmY8gJchS6kJDlVpVgp7eRFb EGcQPw9/InYD2yIfirg1nWIq9bZonsNFLRIsyt2SBcdOOKkHG5uGNq+sW0CWLzGC YgfkD/glCRMDxOIuEUIcvt6NvqRhoDqi7sp0tVKzxiMpxA2ZvwU2dkctONT+A0nZ 2hkG2efJxYCz6bXYf+Lh42AOO2z9aU1d0kaDePhx+bY8+WIYCp9TpkU5RcmTOQeQ WY8LWDa8QTJ3Rj86AzCUQwKpiIupZE7NF4kUUuNpYQRzcwfFKT1Vd9zCJQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNyDMscjZuq/dw6jxNmhOdkl2yLiMB8GA1UdIwQY MBaAFGB+XK/09Hsrjcgcw2yONGZiY5iYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUg1Y3JfVDBleXVOeUJ6RGJJNDBabUpqbUpnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi83ZDY2ZGUtNWYwYy00NzY1LWEwZjYt NjdmYmYyMTU1ZTRlLzEvM0lNeXh5Tm02cjkzRHFQRTJhRTUyU1hiSXVJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMi83ZDY2ZGUtNWYwYy00NzY1LWEwZjYtNjdmYmYyMTU1ZTRl LzEvWUg1Y3JfVDBleXVOeUJ6RGJJNDBabUpqbUpnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCub00MA0G CSqGSIb3DQEBCwUAA4IBAQBUB7UeIJ3ZhE8LBqPkOYIXiQQhZOeqvjh5MjKrZztg u+flyqLLcjK/smZRcAQ1JWraNFkceGsfE4u6+HinuY76NPXheZcjDRy62jYVlN8+ utwFSPuJkHlr+3MFoc08nuBg89ZNexX7saezs2bhfcpty3lq3DhvNfnAt3rAZoZk +EylMBJ1jZXjRDc7Fjemq+Z1Mvh6AmmmIfAHc8hbCQsLJIMjBt0oFudL+CF8zdaK /U/3PyGJo2NPnkafpU6pPW32lMDIScbNmUP2tVHyDwbRivCmyb1hi/2B5C9bWM1K u47JhVxYt9SwD+FwLoCvpgZfFujn+YMQxXFF5Gbo9Bar -----END CERTIFICATE-----Generated at Sun Jan 25 23:48:40 2026 by rpki-client